release/20250320
- release/20250320
- release/20250116
English

Condition key and operator information

Print
Share
PDF

Condition key and operator information

Print
Share
PDF

Article summary

Did you find this summary helpful?

Thank you for your feedback

Available in Classic and VPC

Describes the items related to Condition settings provided by NAVER Cloud Platform.

Condition key/value

Condition key/value: properties information to be applied to the policy. Permission checks are performed by comparing the "key:value" set in the condition key with the "key:value" of the properties where the policy is executed.

Type	Condition key	Details	Value input	Value information path	Data type
Principal properties	ncp:principalName	User name of the Action performer	User name	Services > Management & Governance > Sub Account > Sub Accounts > Sub account details	String
	ncp:principalId	Login ID of the Action performer	Login ID	Services > Management & Governance > Sub Account > Sub Accounts > Sub account details	String
	ncp:principaluuid	ID No of the Action performer	ID	Services > Management & Governance > Sub Account > Sub Accounts > Sub account details	String
	ncp:principalType	Type of the Action performer	Enter the corresponding value from the following: If the performer is a sub account, enter IamUser. If the performer is a role, enter IamRole.		String
	ncp:sourceIdentityId	Each role's target resource if the principalType is IamRole	AccountRole: role transitioned user's Sub Account ID SSO Role: role transitioned user's SSO user ID Service Role: role assigned service's resource information	AccountRole: Services > Management & Governance > Sub Account > Sub Accounts > Sub account details > ID SSO Role: Services > Management & Governance > Ncloud Single Sign-On > External IdP Login > Users > User details > ID Service Role_Data Flow: Services > Management & Governance > Resource Manager > Service Role connected Data Flow resource's NRN Service Role_Datafence: Services > Management & Governance > Resource Manager > Service Role connected Datafence resource's NRN Service Role_External Access: Services > Management & Governance > Sub Account > External Access > Subject Activity details > Performer	String
	ncp:sourceIdentityType	Each role's user type if the principalType is IamRole	Enter the corresponding value from the following: If AccountRole, enter IamUser. If SSO Role, enter FederatedUser. If Server Role, enter Server If Service Role, enter NcloudService.		String
Resource properties	ncp : resourceTag	Tags controlling the target resource of the Action	key:value		String

Condition operators

Operator: a string condition used to check the "key:value" set in the condition key during permission checks.

Type	Description	Note
StringEquals	String matches exactly (case-sensitive)	If the multiple values are included or if 1 of the specified values matches, true.
StringNotEquals	String mismatches (case-sensitive)	If multiple values are included, nor if all specified values do not match, true.
StringLike	String matches similarly (case-sensitive)	If the string partially matches including * (multiple wildcard), true. If the multiple values are included or if 1 of the specified values matches, true.
StringNotLike	String matches similarly (case-sensitive)	If the string partially matches including * (multiple wildcard), true. If the multiple values are included nor if any of the specified values mismatches, true.

Type	Description	Note
~ IfExists	Check the condition only if the key exists followed by the operator.	If it does not exist, true.

Was this article helpful?

What's Next

Sub Account resource management

Table of contents

Condition key/value
Condition operators